A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is
OpenID is a promising user-centric Web single sign-on protocol. According to the OpenID Foundation, there are currently more than one billion OpenID-enabled user accounts provided by major service providers such as Google, Yahoo and AOL. In this presentation, I will present OpenID security analysis and the evaluation results on 200 OpenID-enabled websites. Our preliminary result shows that more than 50% of OpenID-enabled websites are vulnerable to cross-site request forgery attack (CSRF) thatdoi:10.5281/zenodo.3264502 fatcat:eetpkw3otfeqjabiadf7crf4ny